revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-30 02:32:42 +01:00
Code Issues Releases Wiki Activity

Fix a Phortune billing issue where subscription autopay could charge disabled cards

Browse source 
Summary:
See support email. There's nothing tricky here, we were just missing a check. The different parts of this got built at different times so I think this was simply overlooked.

Also add a redundant check just to future-proof this and be on the safe side.

Test Plan: Used `bin/phortune invoice` to charge a pact subscription. After deleting the card, the charge failed with an appropriate error.

Reviewers: amckinley

Differential Revision: https://secure.phabricator.com/D19020
This commit is contained in:
epriestley 2018-02-07 07:13:57 -08:00
parent d0a2e3c54f
commit 2bb4fc9ece
4 changed files with 23 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
src/applications/phortune/query/PhortunePaymentMethodQuery.php
View file

@ -34,19 +34,12 @@ final class PhortunePaymentMethodQuery
return $this; return $this;
} }
public function newResultObject() {
return new PhortunePaymentMethod();
}
protected function loadPage() { protected function loadPage() {
$table = new PhortunePaymentMethod(); return $this->loadStandardPage($this->newResultObject());
$conn = $table->establishConnection('r');
$rows = queryfx_all(
$conn,
'SELECT * FROM %T %Q %Q %Q',
$table->getTableName(),
$this->buildWhereClause($conn),
$this->buildOrderClause($conn),
$this->buildLimitClause($conn));
return $table->loadAllFromArray($rows);
} }
protected function willFilterPage(array $methods) { protected function willFilterPage(array $methods) {
@ -106,8 +99,8 @@ final class PhortunePaymentMethodQuery
return $methods; return $methods;
} }
protected function buildWhereClause(AphrontDatabaseConnection $conn) { protected function buildWhereClauseParts(AphrontDatabaseConnection $conn) {
$where = array(); $where = parent::buildWhereClauseParts($conn);
if ($this->ids !== null) { if ($this->ids !== null) {
$where[] = qsprintf( $where[] = qsprintf(
@ -144,9 +137,7 @@ final class PhortunePaymentMethodQuery
$this->statuses); $this->statuses);
} }
$where[] = $this->buildPagingClause($conn); return $where;
return $this->formatWhereClause($where);
} }
public function getQueryApplicationClass() { public function getQueryApplicationClass() {

7
src/applications/phortune/storage/PhortuneCart.php
View file

@ -118,6 +118,13 @@ final class PhortuneCart extends PhortuneDAO
->setAmountAsCurrency($this->getTotalPriceAsCurrency()); ->setAmountAsCurrency($this->getTotalPriceAsCurrency());
if ($method) { if ($method) {
if (!$method->isActive()) {
throw new Exception(
pht(
'Attempting to apply a charge using an inactive '.
'payment method ("%s")!',
$method->getPHID()));
}
$charge->setPaymentMethodPHID($method->getPHID()); $charge->setPaymentMethodPHID($method->getPHID());
} }

4
src/applications/phortune/storage/PhortunePaymentMethod.php
View file

@ -128,6 +128,10 @@ final class PhortunePaymentMethod extends PhortuneDAO
return $month.'/'.$year; return $month.'/'.$year;
} }
public function isActive() {
return ($this->getStatus() === self::STATUS_ACTIVE);
}
/* -( PhabricatorPolicyInterface )----------------------------------------- */ /* -( PhabricatorPolicyInterface )----------------------------------------- */

4
src/applications/phortune/worker/PhortuneSubscriptionWorker.php
View file

@ -141,6 +141,10 @@ final class PhortuneSubscriptionWorker extends PhabricatorWorker {
$method = id(new PhortunePaymentMethodQuery()) $method = id(new PhortunePaymentMethodQuery())
->setViewer($viewer) ->setViewer($viewer)
->withPHIDs(array($subscription->getDefaultPaymentMethodPHID())) ->withPHIDs(array($subscription->getDefaultPaymentMethodPHID()))
->withStatuses(
array(
PhortunePaymentMethod::STATUS_ACTIVE,
))
->executeOne(); ->executeOne();
if (!$method) { if (!$method) {
$issues[] = pht( $issues[] = pht(